Holy schnikes – this episode is actually 7 minutes long! What a concept!

Anyway, today I give you a couple tips that have helped me pwn some internal networks the last few weeks, including:

• Getting a second (and third?) opinion on Active Directory Certificate Services vulnerabilities!

• Analyzing the root domain object in BloodHound to find some misconfigs that might equal instant domain admin access!